To use Airlock Microgateway in your Kubernetes cluster with Cilium, follow this guide to deploy the Airlock Microgateway Operator and its resources.
Prerequisites
- To use Airlock Microgateway, a valid license is required. Airlock Microgateway is available in a Premium and a free Community edition. To request and configure/change a license, see the article Licensing and license-dependent behavior.
- Cilium has been deployed as described in their documentation (Cilium) Documentation.
Deploy Airlock Microgateway
- Depending on which Kubernetes distribution you are using, complete the instructions in the corresponding installation guide:
- For Kubernetes, follow this guide: Kubernetes
- For OpenShift, follow this guide: OpenShift
- Create the Cilium CNI configuration for CNI chaining based on the following
cilium-cni-cm.yaml
template. - Apply the changes.
- Configure Cilium to use the CNI configuration. Perform
helm upgrade
with the following flags - Test Cilium. Use the Cilium cli tool to verify connectivity.
- Cilium CNI forwards the traffic and is visible in Hubble and Airlock Microgateway should be up and running.
What's next
- After deploying the Airlock Microgateway Operator in your Kubernetes Cluster, the following steps are required:
- Configure/change the Airlock Microgateway license. See article Licensing and license-dependent behavior.
- Annotate the web application Pods to protect as explained in Annotations for Microgateway Engine injection.
- Create the
CustomResources
to configure the Airlock Microgateway as outlined in Configuration.
Further information and links
- Internal links:
- Licensing and license-dependent behavior
- Annotations for Microgateway Engine injection
- Configuration
- External links:
- (Cilium) CNI Chaining